[HackerNews] Microsoft Warns of Cross-Account Takeover Bug in Azure Container Instances

Microsoft on Wednesday said it remediated a vulnerability in its Azure Container Instances (ACI) services that could have been exploited by a malicious actor “to access other customers’ information” in what the researcher described as the “first cross-account container takeover in the public cloud.”
An attacker exploiting the weakness could execute malicious commands on other users’ containers,

Source: Read More (The Hacker News)

You might be interested in …

[ZDNet] Microsoft points the finger at Israeli spyware seller for DevilsTongue attacks

All posts, ZDNet

Updates released this week protect against two key zero-day vulnerabilities weaponized by customers. Source: Read More (Latest topics for ZDNet in Security)

Read More

[SecurityWeek] GitHub Discloses Details of Easy-to-Exploit Linux Vulnerability

All posts, Security Week

GitHub this week disclosed the details of an easy-to-exploit Linux vulnerability that can be leveraged to escalate privileges to root on the targeted system. The flaw, classified as high severity and tracked as CVE-2021-3560, impacts polkit, an authorization service that is present by default in many Linux distributions. read more Source: Read More (SecurityWeek RSS […]

Read More

[BleepingComputer] HPE fixes critical zero-day vulnerability disclosed in December

Hewlett Packard Enterprise (HPE) has released a security update to address a zero-day remote code execution vulnerability disclosed last year, in December. […] Source: Read More (BleepingComputer)

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.